Earlier today at approximately 2:53PM EST, I received a message from a trusted affiliate partner stating “NAME has shared a document on Google Docs with you.”
Normally I do NOT open documents such as this. However, this particular affiliate occasionally sends new releases via newsletter or via a Google Doc. So I clicked on the link. Within an instant, I noticed spam emails going out with the exact same subject line as the one that I received.
I freaked the fark out.
I immediately revoked access to my Google Docs and contacts and changed my password. Unfortunately, many of you may have received an email from firstname.lastname@example.org with the subject line “Kim Miller has shared a document on Google Docs with you.”
– Do Not Click on the Link –
Opening the email will do nothing, but DO NOT CLICK THE LINK. If you have already clicked the link, you need to take the following steps.
Go to Google.com and sign in to your account and then click on your icon in the upper right corner of the screen and then click on the blue My Account button.
Underneath the Sign-in & security setting you need to click on Connected apps & sites.
Scroll down until you find the Connected apps & sites header. Under the section marked Apps connected to your account, click on the MANAGE APPS selection.
Look through the Apps Connected to Your Account and locate Google Docs. Click to open it, then click the blue Remove button to revoke access to your Google Docs.
After you have completed the above steps, you need to change your password immediately. Change your password last; otherwise, the worm will have access to your new password as well.
Apparently, we were not the only ones who fell for this particular scam. NBC News published an article earlier this evening about the phishing attack:
An unusually sophisticated identity phishing campaign appeared to target Google’s roughly 1 billion Gmail users worldwide, seeking to gain control of their entire email histories and spread itself to all of their contacts, Google confirmed Wednesday.
The worm — which arrives in users’ inboxes posing as an email from a trusted contact — asks you to check out an attached “Google Docs,” or GDocs, file. Clicking on the link takes you to your real Google security profile, where you’re asked to give permission for the fake app posing as GDocs to manage your email account.
Continue reading the rest of the article here. Many thanks to Alex Johnson for coverage of this nasty little scam!
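Added example, not part of the original post: the manual check from the steps above (finding an app called Google Docs among the connected apps) and the fake app posing as GDocs that the NBC article describes, written as a Python function that flags connected apps using a Google product name under an untrusted client ID. The record keys (`display_name`, `client_id`, `scopes`), the trusted-ID list and all sample values are assumptions constructed for illustration.

```python
import unicodedata

# Names a look-alike app might borrow (assumed list; extend as needed).
PROTECTED_NAMES = {"google docs", "google drive", "gmail"}
# Real Google OAuth scopes granting full mail access and contacts access.
RISKY_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/contacts",
}

def normalize(name):
    """Fold case, Unicode compatibility forms and stray whitespace."""
    return " ".join(unicodedata.normalize("NFKC", name).casefold().split())

def flag_impersonating_grants(grants, trusted_client_ids):
    """Return connected apps using a protected name under an untrusted ID."""
    # Hypothetical record keys: display_name, client_id, scopes.
    findings = []
    for grant in grants:
        if normalize(grant["display_name"]) not in PROTECTED_NAMES:
            continue  # name does not claim to be a protected product
        if grant["client_id"] in trusted_client_ids:
            continue  # the genuine app
        findings.append({
            "client_id": grant["client_id"],
            "display_name": grant["display_name"],
            "risky_scopes": sorted(RISKY_SCOPES & set(grant["scopes"])),
            "action": "remove app access, then change password",
        })
    return findings

# Constructed sample data; every client ID is a placeholder.
TRUSTED = {"PLACEHOLDER-GENUINE-ID"}
SAMPLE_GRANTS = [
    {"display_name": "Google Docs", "client_id": "PLACEHOLDER-UNKNOWN-1",
     "scopes": ["https://mail.google.com/",
                "https://www.googleapis.com/auth/contacts"]},
    {"display_name": "GOOGLE  docs ", "client_id": "PLACEHOLDER-UNKNOWN-2",
     "scopes": ["https://www.googleapis.com/auth/contacts"]},
    {"display_name": "Google Docs", "client_id": "PLACEHOLDER-GENUINE-ID",
     "scopes": []},
    {"display_name": "Calendar Helper", "client_id": "PLACEHOLDER-UNKNOWN-3",
     "scopes": ["https://mail.google.com/"]},
]

if __name__ == "__main__":
    for finding in flag_impersonating_grants(SAMPLE_GRANTS, TRUSTED):
        print(finding)
```

The function only looks at name impersonation; an unfamiliar app holding mail scope under its own name, like the last sample record, needs a separate review.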